Top executives face personal malware threat

Summary:Hackers have created a botnet that has sent personally crafted emails to 500 C-level executives in a bid to extract confidential company data

Hackers have targeted 500 key business executives in what is believed to be the first mass-targeted malware attack, according to security vendor MessageLabs.

Targeted attacks aim to bypass security measures by individually addressing emails, which often contain zero-day exploits.

On 26 June, MessageLabs intercepted more than 500 individual email attacks targeted at individuals in senior management positions in a variety of organisations around the world. Normally MessageLabs sees approximately 10 targeted attacks per 200 million emails per day, said Mark Sunner, MessageLabs' chief security analyst.

The malicious emails contain the name and job title of the victim in the subject line. The vertical sector most targeted was banking and finance, with chief investment officers being targeted in 30 percent of the attacks, according to Sunner. However, other verticals were also targeted. Eleven percent of the intended victims were chief executive officers, while six percent were chief finance officers.

Sunner said that the executives being targeted were perhaps "not that tech savvy". In the attacks, an executable file was embedded in a Word document. If the victim opened the document and clicked on a link, the file would have run a data-stealing Trojan that relied on creating buffer overflow conditions in Office documents.

MessageLabs said it did not know who had perpetrated the attack. "It's a certainty that some executives were compromised," said Sunner.

The intended victims' PAs, spouses and relatives were also targeted by name, in attempt to infect other computers related to the victim. The intent was to indirectly gain access to confidential correspondence and intellectual property relating to the target, said MessageLabs.

Sunner said he suspected the hackers harvested the information using search and social-networking sites. "Someone somewhere has really done their homework," said Sunner.

Topics: Security

About

Tom is a technology reporter for ZDNet.com, writing about all manner of security and open-source issues.Tom had various jobs after leaving university, including working for a company that hired out computers as props for films and television, and a role turning the entire back catalogue of a publisher into e-books.Tom eventually found tha... Full Bio

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.